The University Policy Manual

  • Home »
  • Information Security Policy

Information Security

The University of North Carolina at Greensboro

  • (Approved by the Chancellor, July 19, 2004 and May 2010 as Security of Networks and Networked Data
    and January 15, 2002 as Wireless Communications)
  • (Approved by the Chancellor, July 16, 2012)

Purpose

This policy specifies the principles and requirements the University of North Carolina at Greensboro (hereinafter "University") has established to protect information assets owned by or in the care of the University.

Scope

This policy applies to all faculty, staff, students, and any parties who interact with, access, or store University information assets or information assets in the University's care.

Policy

The University will work toward achieving these goals:

  1. The University is committed to protecting information assets.
  2. The University shall act as a responsible conservator of information assets entrusted to its care.
  3. The University shall comply with federal and state law, contractual obligations, and UNC System policies related to information security.
  4. University business processes shall be consistent with the above principles, and, unless contrary to law, University policies or UNC System Policies, shall follow the UNCG Information Security Management Standards and procedures for implementation of those standards.
  5. All University leadership, faculty, staff, and students, and relevant affiliates are required to actively support the above principles and are expected to take reasonable measures to protect information assets in their care.

Enforcement

Information Technology Services (ITS), in cooperation with other University authorities and administrators, will enforce this Policy, and establish standards, procedures, and protocols in support of the policy.

Any violation of this policy by a University student is subject to the Student Code of Conduct in the student handbook. For employees, any violation of this policy is "misconduct" under EPA policies (faculty and EPA non-faculty) and "unacceptable personal conduct" under SPA policies, including any appeal rights stated therein. Violations of law may also be referred for criminal or civil prosecution. Additionally, violations of this policy may result in termination or suspension of access, in whole or in part, to University information systems at the discretion of ITS, where such action is reasonable to protect the University or the University information infrastructure.

Review

The Chancellor has approved the Information Security Policy and ITS will periodically review the policy as appropriate.

Links to Related University Policies

Links

Contact

Comments or questions? Email the Policy Administrator.